Unable to validate incoming SAML Assertion

Problem Statement

I’m trying to set up Azure AD as an IdP in the Security section of the dashboard.


I’ve successfully sent the metadata information to the IdP and have got the issuer, SSO URLs and certificate all set up and configured.


The last point of the SAML flow (once I’ve successfully authenticated with my IdP and filled out the details with my MFA) is failing with "Unable to validate incoming SAML Assertion".

Would appreciate some help, as all I get back is a NONSUCCESS error. It’s Azure AD, so any tips on troubleshooting it at that end would be useful.


I resolved this - the organisation setup generated two certificates. I had to switch to the other one, and modify it so that ASSERTIONS were not signed. I’d imagine other IdPs would provide more explicit instructions.
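
A diagnostic sketch for the kind of mismatch described in the resolution above (an added example, not part of the original thread and not the service provider's own code): it decodes a captured base64 `SAMLResponse` and reports whether the Response or the Assertion carries the signature, and whether the embedded certificate matches the one configured. The function names, the sample message and the certificate bytes are constructed for illustration, and the script only inspects the message; it does not verify the signature.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def inspect_response(b64_response: str, configured_fp: str) -> dict:
    """Report which elements are signed and whether the embedded cert matches."""
    root = ET.fromstring(base64.b64decode(b64_response))
    report = {"response_signed": False, "assertion_signed": False, "cert_matches": []}
    targets = [("response_signed", root)]
    assertion = root.find("saml:Assertion", NS)  # direct child of the Response
    if assertion is not None:
        targets.append(("assertion_signed", assertion))
    for key, element in targets:
        sig = element.find("ds:Signature", NS)  # enveloped signature, direct child only
        if sig is None:
            continue
        report[key] = True
        cert = sig.find(".//ds:X509Certificate", NS)
        if cert is not None and cert.text:
            der = base64.b64decode("".join(cert.text.split()))
            # Compare the SHA-256 fingerprint of the cert the IdP used with the configured one
            report["cert_matches"].append(hashlib.sha256(der).hexdigest() == configured_fp)
    return report

# Constructed stand-ins for the DER bytes of the two certificates the IdP generated
CERT_A = b"constructed-cert-A"
CERT_B = b"constructed-cert-B"

def build_sample(signed_element: str, cert: bytes) -> str:
    """Build a constructed, base64-encoded response signed at 'response' or 'assertion'."""
    sig = ('<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:KeyInfo><ds:X509Data>'
           f'<ds:X509Certificate>{base64.b64encode(cert).decode()}</ds:X509Certificate>'
           '</ds:X509Data></ds:KeyInfo></ds:Signature>')
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
           f'{sig if signed_element == "response" else ""}'
           f'<saml:Assertion>{sig if signed_element == "assertion" else ""}</saml:Assertion>'
           '</samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    configured = hashlib.sha256(CERT_A).hexdigest()  # fingerprint of the cert uploaded to the SP
    print(inspect_response(build_sample("response", CERT_B), configured))
```

A `False` in `cert_matches` means the IdP signed with a different certificate than the one configured, and the two `*_signed` flags show which element the signature covers.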

@aloughran I’m getting the same error, but can fix it with your resolution. Can you share your config, or special/specific installation?
I (also) wanna add AzureAD as an IdentityProvider.
We use to work with ADFS